﻿using System;
using System.Web;
using System.Web.SessionState;

namespace CMS.Web.Manage.Ashx {
	/// <summary>
	/// 登录验证
	/// </summary>
	public class Login : IHttpHandler, IRequiresSessionState {

		public void ProcessRequest(HttpContext context) {
			context.Response.ContentType = "text/plain";

			int loginCount = 0;

			if (context.Session["LoginFailedCount"] != null) {
				loginCount = Convert.ToInt32(context.Session["LoginFailedCount"]);

				// 限制连续登录失败的次数
				if (loginCount >= 7) {
					context.Response.Write("-99");
					return;
				}
			}

			string loginId = context.Request.QueryString["login_id"];
			string password = context.Request.QueryString["password"];

			if (Core.Admin.Validate(loginId, password)) {
				context.Response.Write("1"); // 验证成功返回 1 , 交由前台JS进行判断
			}
			else {
				context.Session["LoginFailedCount"] = ++loginCount;
				context.Response.Write(0 - loginCount); // 验证失败返回连续失败的次数
			}
		}

		public bool IsReusable {
			get {
				return false;
			}
		}
	}
}
